Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,811
Erlang
36
GitHub Actions
32
Go
2,396
Maven
5,000+
npm
4,033
NuGet
721
pip
3,824
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

412 advisories

Loading
An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely... Moderate Unreviewed
CVE-2025-51497 was published Jul 17, 2025
A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2022-20630 was published Feb 11, 2022
A potential security vulnerability has been identified in the Poly Clariti Manager for versions... Moderate Unreviewed
CVE-2025-43485 was published Jul 23, 2025
Okta On-Premises Provisioning (OPP) agents log certain user data during administrator-initiated... Moderate Unreviewed
CVE-2025-7371 was published Jul 22, 2025
An issue was discovered in Westermo WeOS 5 (5.24 through 5.24.4). A threat actor potentially can... Moderate Unreviewed
CVE-2025-54319 was published Jul 20, 2025
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of... Moderate Unreviewed
CVE-2025-30483 was published Jul 15, 2025
Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit... Moderate Unreviewed
CVE-2025-6392 was published Jul 11, 2025
Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive... Moderate Unreviewed
CVE-2025-36599 was published Jul 9, 2025
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2... Moderate Unreviewed
CVE-2025-5464 was published Jul 8, 2025
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2... Moderate Unreviewed
CVE-2025-5463 was published Jul 8, 2025
An issue has been identified in MongoDB Server where unredacted queries may inadvertently appear... Moderate Unreviewed
CVE-2025-6711 was published Jul 7, 2025
A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the... Moderate Unreviewed
CVE-2024-9453 was published Jul 4, 2025
System environment variables are recorded in Docker Desktop diagnostic logs, when using shell... Moderate Unreviewed
CVE-2025-6587 was published Jul 3, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed
CVE-2023-42937 was published Jan 23, 2024
An issue was discovered in GitLab EE affecting all versions starting from 17.0 prior to 17.0.6,... Moderate Unreviewed
CVE-2024-7586 was published Jun 20, 2025
IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in... Moderate Unreviewed
CVE-2025-36050 was published Jun 19, 2025
A flaw exists in FlashArray whereby the Key Encryption Key (KEK) is logged during key rotation... Moderate Unreviewed
CVE-2025-2327 was published Jun 16, 2025
Philips DreamMapper, Version 2.24 and prior. Information written to log files can give guidance... Moderate Unreviewed
CVE-2020-14518 was published May 24, 2022
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and... Moderate Unreviewed
CVE-2025-31199 was published May 30, 2025
A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to Oauth token... Moderate Unreviewed
CVE-2022-32217 was published Sep 25, 2022
A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing... Moderate Unreviewed
CVE-2022-23716 was published Sep 29, 2022
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3... Moderate Unreviewed
CVE-2022-3018 was published Oct 28, 2022
Wire through 3.22.3993 on Windows advertises deletion of sent messages; nonetheless, all messages... Moderate Unreviewed
CVE-2022-43673 was published Nov 18, 2022
Recording of environment variables, configured for running containers, in Docker Desktop... Moderate Unreviewed
CVE-2025-3911 was published Apr 29, 2025
In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs Moderate Unreviewed
CVE-2025-46432 was published Apr 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database